Published

Your smartphone1 is basically a bug. It can locate you, exchange information with 3rd parties and since it’s really just a computer it can have backdoors, viruses or whatever you can think of. From a security and privacy perspective, they are (regardless of the software platform) horrible.

But where there is danger and awareness there is a business opportunity. In comes Blackphone, “the world’s first smartphone to put privacy and control ahead of everything else” (quote).

Blackphone is the world’s first smartphone to put privacy and control ahead of everything else. Ahead of carriers. Ahead of advertising. Blackphone is reshaping the landscape of personal communications.

Quite a big promise but in light of the situation Edward Snowden’s leaks have made public maybe a great way for people to regain control and privacy?

The team consists of people with quite a bit of experience: The Geeksphone guys have created the first Firefox OS and were the first European company to build an android phone. The guys from Silent Circle build secure email solutions and Phil Zimmermann invented PGP. And there are more people with quite a track record in security and engineering. Basically a Dream Team for creating secure phones.

The Blackphone will run a modified version of Google’s Android operating system that the Blackphone team customizes to harden it security-wise removing or modifying dubious or dangerous packages and parts as well as adding tools providing encryption to things like for example SMS or chat messages.

For the sake of the argument, let’s just assume that they’ll do a great job implementing their changes: That their encryption won’t leak secrets and that they removed everything that could compromise a user’s security or privacy. Let’s also assume that they did a proper audit of all the stuff they inherited from Google’s Android repository fixing existing issues. We also assume that the users are smart and don’t act in any way that would compromise the security the phone offers.

The question is: Can the Blackphone deliver on its promise?

A Smartphone is more than just software. I believe that the Blackphone guys2 can tackle a lot of the problems that the software stack has. Because a big chunk of it already has been done by the Cyanogenmod Team with their Privacy Guard feature allowing users to effectively sandbox apps to ensure that they cannot access personal data. But there are other layers as well that we have to look at: Hardware, baseband and network.

Hardware

A smartphone is mostly build from already existing components. Smartphone makers buy processors, RAM and all the stuff they need from 3rd party vendors and assemble these parts to create their product (obviously sometimes new components have to be developed as well, but most stuff is pretty standard). If you want to really trust your phone to not trick you you have to trust its components: Backdoors can also exist in hardware (a problem even the military can fall victim to). Blackphone does not address that issue in any way and they really don’t have the resources to build their own stuff. So here we have quite a problem: If the ARM processors or other parts used in the phone are in some way compromised the promise is broken completely.

Baseband

A phone’s baseband processor is the component doing all the communication with the wireless phone network. It has its own memory and even its own proprietary operating system. It’s basically a second operating system in your device that you have no control over: You cannot get its source code to audit it for bugs or backdoors. You have no control over it and what it does with the data you hand over. It could easily send a copy of every bit of data you use to someone else without you having any way of noticing. From what I know there is no open baseband processor and Blackphone does not promise to build or have one. So yeah. Not good.

Network

Your phone is pretty much worthless without some sort of network connection. And since we move around in the world quite a bit but want connectivity we get a contract with a service provider (I’ll not get into the whole hacking SIM cards thing here read more here but be assured, there’s yet another problem).

That provider has base stations which your phone associates with to transfer data, messages and calls. Regardless of what your phone does, whether hardware and software are bulletproof: Your provider knows which base station your phone is connected to, approximately how far away from it your phone is and where that base station is located. So the network provider knows where you are whenever your phone is on. It knows who you call (even if you would encrypt the call) and who you send SMS to. You can protect your traffic using VPNs and similar technologies so they do not know what kind of internet traffic you have but they can measure the quantity and you can use that information to make certain assumptions about what a phone is doing.

You cannot protect against the network provider knowing a lot, it’s a systemic thing. Now if we could trust our providers everything would be fine, but we know that lawful interception exists, that secret services do force providers to collect and hand over data. So all that can be considered lost.

A state of mind

Looking at the Blackphone website you know what their target audience is. The website, the video, the language, they all talk within the existing hacker narrative. Of the individual with exceptional skill and knowledge fighting against the oppressive government. They have people with the right credentials and I guess that they will actually build a decent phone. So they’ll find an audience.

And it’s not like their work was irrelevant: Fixing bugs in the software stack is important and building apps offering a certain level of encryption that are actually usable is one of the big tasks we have largely failed to address. So kudos to them for throwing their hats in the ring.

But the actual promises of control, privacy and protection are – considering what we know and even if we assume that they work flawlessly – somewhat of a stretch both from the hardware side as well as from the network side of things.

I consider the Blackphone basically a homeopathic solution selling a feeling of security and maybe a few nice patches to android. It’s part of the last struggle of the failing old narrative of security and control.